Payment system, electronic device and payment method thereof

ABSTRACT

An electronic device for making a payment is provided. The electronic device includes a display configured to receive a user command, a transceiver configured to communicate with an external device, and a processor configured to request a token associated with a financial service from a payment server when a user requests the financial service and to generate data for providing the financial service by using the token and service information when the token and the service information associated with the financial service is received from the payment server.

CROSS-REFERENCE TO RELATED APPLICATION(S)

This application claims the benefit under 35 U.S.C. §119(e) of a U. S.Provisional application filed on Jul. 14, 2015 in the U. S. Patent andTrademark Office and assigned Ser. No. 62/192,253, and under 35 U.S.C.§119(a) of a Korean patent application filed on Sep. 21, 2015 in theKorean Intellectual Property Office and assigned Serial number10-2015-0133017, the entire disclosure of each of which is herebyincorporated by reference.

TECHNICAL FIELD

The present disclosure relates to a payment method using a portableelectronic device.

BACKGROUND

Electronic devices are implemented in various forms and include, forexample, a smartphone that a user carries, a wearable device that isattached to a part of the body of a user, and the like. With thedevelopment of information technologies (IT), the electronic deviceshave significantly superior functions and provide a user with variousfunctions.

Nowadays, financial technology (hereinafter referred to as “Fin-tech”)that is a combination of the finance technology and the IT getsattention. The Fin-tech that is evaluated as the financial paradigmshift extends its boundary to an off-line financial service and afinance platform building service as well as an on-line financialservice according to the related art.

For example, manufacturers of electronic devices make various efforts todevelop the electronic devices for realizing the fin-tech and buildpayment systems through the cooperation of a credit card company or abank.

The payment system using a portable electronic device makes a payment bysending payment information to a payment device by using a local areacommunication technology such as near field communication (NFC),magnetic secure transmission (MST), or the like. With regard to an MSTmanner, the payment system makes a payment by sending track dataincluding the payment information recorded on an existing magnetic cardto a payment device.

With regard to a payment method using the MST, an electronic devicereceives and stores track data included in the payment information. Whena payment is required, the electronic device makes a payment by usingthe stored track data. However, the electronic device fails to changeinformation included in the track data issued according to the requestof a user by using the track data stored in the electronic device.

The above information is presented as background information only toassist with an understanding of the present disclosure. No determinationhas been made, and no assertion is made, as to whether any of the abovemight be applicable as prior art with regard to the present disclosure.

SUMMARY

Aspects of the present disclosure are to address at least theabove-mentioned problems and/or disadvantages and to provide at leastthe advantages described below. Accordingly, an aspect of the presentdisclosure is to provide an electronic device that variably generatestrack data based on a request of a user or a use purpose of a servicewhen sending payment information through MST and a payment methodthereof.

In accordance with an aspect of the present disclosure, an electronicdevice is provided. The electronic device includes a display configuredto receive a user command, a transceiver configured to communicate withan external device, and a processor configured to request a tokenassociated with a financial service from a payment server when a userrequests the financial service and to generate data for providing thefinancial service by using the token and service information when thetoken and the service information associated with the financial serviceis received from the payment server.

In accordance with another aspect of the present disclosure, a paymentmethod of an electronic device is provided. The payment method includesreceiving a financial service request from a user, requesting a tokenassociated with the financial service from a payment server, receivingthe token and service information associated with the financial servicefrom the payment server, and generating data for providing the financialservice by using the token and the service information.

In accordance with another aspect of the present disclosure, a server isprovided. The server includes a transceiver configured to communicatewith an external device, a memory configured to store available serviceinformation for each user, and a processor configured to request a tokenfrom a finance server when an electronic device requests the tokenassociated with a financial service, to check the service informationavailable to a user of the electronic device when the token is receivedfrom the finance server, and to generate data for providing thefinancial service by using the token and the available serviceinformation.

Other aspects, advantages, and salient features of the disclosure willbecome apparent to those skilled in the art from the following detaileddescription, which, taken in conjunction with the annexed drawings,discloses various embodiments of the present disclosure.

BRIEF DESCRIPTION OF THE DRAWINGS

The above and other aspects, features, and advantages of certainembodiments of the present disclosure will be more apparent from thefollowing description taken in conjunction with the accompanyingdrawings, in which:

FIG. 1 is a diagram illustrating a payment system according to anembodiment of the present disclosure;

FIG. 2 is a diagram illustrating a payment method of a payment systemaccording to an embodiment of the present disclosure;

FIG. 3 is a diagram illustrating a payment method of a payment systemaccording to an embodiment of the present disclosure;

FIG. 4 is a diagram illustrating a payment method of a payment systemaccording to an embodiment of the present disclosure;

FIG. 5 is a block diagram illustrating a configuration of an electronicdevice according to an embodiment of the present disclosure;

FIGS. 6A and 6B are views of track data according to various embodimentsof the present disclosure;

FIG. 7 is a block diagram illustrating a configuration of a paymentserver according to an embodiment of the present disclosure;

FIG. 8 is a flowchart illustrating a payment method of an electronicdevice according to an embodiment of the present disclosure;

FIG. 9 is a flowchart illustrating a payment method of an electronicdevice according to an embodiment of the present disclosure;

FIG. 10 is a flowchart illustrating a payment method of an electronicdevice according to an embodiment of the present disclosure;

FIG. 11 is a flowchart illustrating a payment method of a payment serveraccording to an embodiment of the present disclosure;

FIG. 12 is a block diagram of an electronic device in a networkenvironment according to an embodiment of the present disclosure;

FIG. 13 is a block diagram of an electronic device according to anembodiment of the present disclosure; and

FIG. 14 is a block diagram of a program module according to anembodiment of the present disclosure.

Throughout the drawings, it should be noted that like reference numbersare used to depict the same or similar elements, features, andstructures.

DETAILED DESCRIPTION

The following description with reference to the accompanying drawings isprovided to assist in a comprehensive understanding of variousembodiments of the present disclosure as defined by the claims and theirequivalents. It includes various specific details to assist in thatunderstanding but these are to be regarded as merely exemplary.Accordingly, those of ordinary skill in the art will recognize thatvarious changes and modifications of the various embodiments describedherein can be made without departing from the scope and spirit of thepresent disclosure. In addition, descriptions of well-known functionsand constructions may be omitted for clarity and conciseness.

The terms and words used in the following description and claims are notlimited to the bibliographical meanings, but, are merely used by theinventor to enable a clear and consistent understanding of the presentdisclosure. Accordingly, it should be apparent to those skilled in theart that the following description of various embodiments of the presentdisclosure is provided for illustration purpose only and not for thepurpose of limiting the present disclosure as defined by the appendedclaims and their equivalents.

It is to be understood that the singular forms “a,” “an,” and “the”include plural referents unless the context clearly dictates otherwise.Thus, for example, reference to “a component surface” includes referenceto one or more of such surfaces.

In the disclosure disclosed herein, the expressions “have”, “may have”,“include” and “comprise”, or “may include” and “may comprise” usedherein indicate existence of corresponding features (e.g., elements suchas numeric values, functions, operations, or components) but do notexclude presence of additional features.

In the disclosure disclosed herein, the expressions “A or B”, “at leastone of A or/and B”, or “one or more of A or/and B”, and the like usedherein may include any and all combinations of one or more of theassociated listed items. For example, the term “A or B”, “at least oneof A and B”, or “at least one of A or B” may refer to all of the case(1) where at least one A is included, the case (2) where at least one Bis included, or the case (3) where both of at least one A and at leastone B are included.

The terms, such as “first”, “second”, and the like used herein may referto various elements of various embodiments of the present disclosure,but do not limit the elements. For example, “a first user device” and “asecond user device” may indicate different user devices regardless ofthe order or priority thereof. For example, without departing the scopeof the present disclosure, a first element may be referred to as asecond element, and similarly, a second element may be referred to as afirst element.

It will be understood that when an element (e.g., a first element) isreferred to as being “(operatively or communicatively) coupled with/to”or “connected to” another element (e.g., a second element), it may bedirectly coupled with/to or connected to the other element or anintervening element (e.g., a third element) may be present. In contrast,when an element (e.g., a first element) is referred to as being“directly coupled with/to” or “directly connected to” another element(e.g., a second element), it should be understood that there are nointervening elements (e.g., a third element).

According to the situation, the expression “configured to” used hereinmay be used as, for example, the expression “suitable for”, “having thecapacity to”, “designed to”, “adapted to”, “made to”, or “capable of”.The term “configured to” must not mean only “specifically designed to”in hardware. Instead, the expression “a device configured to” may meanthat the device is “capable of” operating together with another deviceor other components. For example, a “processor configured to (or set to)perform A, B, and C” may mean a dedicated processor (e.g., an embeddedprocessor) for performing a corresponding operation or a generic-purposeprocessor (e.g., a central processing unit (CPU) or an applicationprocessor (AP)) which performs corresponding operations by executing oneor more software programs which are stored in a memory device.

Terms used in this specification are used to describe specifiedembodiments of the present disclosure and are not intended to limit thescope of the present disclosure. The terms of a singular form mayinclude plural forms unless otherwise specified. Unless otherwisedefined herein, all the terms used herein, which include technical orscientific terms, may have the same meaning that is generally understoodby a person skilled in the art. It will be further understood thatterms, which are defined in a dictionary and commonly used, should alsobe interpreted as is customary in the relevant related art and not in anidealized or overly formal detect unless expressly so defined herein invarious embodiments of the present disclosure. In some cases, even ifterms are terms which are defined in the specification, they may not beinterpreted to exclude embodiments of the present disclosure.

An electronic device according to various embodiments of the presentdisclosure may include, for example, at least one of smartphones, tabletpersonal computers (PCs), mobile phones, video telephones, electronicbook readers, desktop PCs, laptop PCs, netbook computers, workstations,servers, personal digital assistants (PDAs), portable multimedia players(PMPs), motion picture experts group phase 1 or phase 2 (MPEG-1 orMPEG-2) audio layer 3 (MP3) players, mobile medical devices, cameras, orwearable devices. According to various embodiments, a wearable devicemay include at least one of an accessory type of a device (e.g., atimepiece, a ring, a bracelet, an anklet, a necklace, glasses, a contactlens, or a head-mounted-device (HMD)), one-piece fabric or clothes typeof a device (e.g., electronic clothes), a body-attached type of a device(e.g., a skin pad or a tattoo), or a bio-implantable type of a device(e.g., implantable circuit).

According to another embodiment, the electronic devices may be homeappliances. The home appliances may include at least one of, forexample, televisions (TVs), digital versatile disc (DVD) players,audios, refrigerators, air conditioners, cleaners, ovens, microwaveovens, washing machines, air cleaners, set-top boxes, home automationcontrol panels, security control panels, TV boxes (e.g., SamsungHomeSync™, Apple TV™, or Google TV™), game consoles (e.g., Xbox™ orPlayStation™), electronic dictionaries, electronic keys, camcorders,electronic picture frames, or the like.

According to another embodiment, the electronic devices may include atleast one of medical devices (e.g., various portable medical measurementdevices (e.g., a blood glucose monitoring device, a heartbeat measuringdevice, a blood pressure measuring device, a body temperature measuringdevice, and the like)), a magnetic resonance angiography (MRA), amagnetic resonance imaging (MRI), a computed tomography (CT), scanners,and ultrasonic devices), navigation devices, global positioning system(GPS) receivers, event data recorders (EDRs), flight data recorders(FDRs), vehicle infotainment devices, electronic equipment for vessels(e.g., navigation systems and gyrocompasses), avionics, securitydevices, head units for vehicles, industrial or home robots, automaticteller's machines (ATMs), points of sales (POSs), or internet of things(e.g., light bulbs, various sensors, electric or gas meters, sprinklerdevices, fire alarms, thermostats, street lamps, toasters, exerciseequipment, hot water tanks, heaters, boilers, and the like).

According to an embodiment, the electronic devices may include at leastone of parts of furniture or buildings/structures, electronic boards,electronic signature receiving devices, projectors, or various measuringinstruments (e.g., water meters, electricity meters, gas meters, or wavemeters, and the like). According to various embodiments, the electronicdevice may be one of the above-described devices or a combinationthereof. An electronic device according to an embodiment may be aflexible electronic device. Furthermore, an electronic device accordingto an embodiment of the present disclosure may not be limited to theabove-described electronic devices and may include other electronicdevices and new electronic devices according to the development oftechnologies.

Hereinafter, electronic devices according to various embodiment of thepresent disclosure will be described with reference to the accompanyingdrawings. The term “user” used herein may refer to a person who uses anelectronic device or may refer to a device (e.g., an artificialintelligence electronic device) that uses an electronic device.

FIG. 1 is a diagram illustrating a payment system according to anembodiment of the present disclosure.

Referring to FIG. 1, a payment system 1000 may include an electronicdevice 100, an authentication server 200, a payment server 300, afinance server 400, a payment device 500, a payment agent server (orpayment gateway server) 600, and a deposit and withdrawal device 700.The devices included in the payment system 1000 illustrated in FIG. 1may be connected with each other through a network. For example,elements may be connected with each other through a mobile communicationnetwork, an Internet network, or a local area network wirelesscommunication network (NFC, wireless-fidelity (Wi-Fi), MST, or thelike).

According to various embodiments of the present disclosure, theelectronic device 100 may be a user device that a user wanting to make apayment (or a deposit and withdrawal) uses. The user may make a paymentor may make a deposit and withdrawal (or remit money) online or offlineby using the electronic device 100.

According to an embodiment, the electronic device 100 may provide a userwith a payment service by using a payment application (e.g., SamsungPay™ Application). According to an embodiment, the payment applicationmay provide a user with a user interface associated with the payment.For example, the payment application may provide a user interfaceassociated with card registration, a payment, or a transaction.Moreover, the payment application may provide, for example, an interfaceassociated with authentication of a user through identification andverification (ID&V).

According to an embodiment, the electronic device 100 may manage cardinformation (or account information) associated with a payment serviceaccount (e.g., a Samsung account), a biometric authentication serviceaccount, and a user account.

According to an embodiment, the electronic device 100 may authenticate auser through a biometric authentication process. If a payment requestfrom a user is received, the electronic device 100 may perform biometricauthentication in conjunction with the authentication server 200.

According to an embodiment, the electronic device 100 may request apayment token from the finance server 400 through the payment server300. According to an embodiment, the electronic device 100 may make apayment (or a deposit and withdrawal) by using a token issued by thefinance server 400.

According to an embodiment, the electronic device 100 may receive aservice code from the payment server 300. According to an embodiment,the electronic device 100 may request an available service code from thepayment server 300 or may send a use approval request of a designatedservice code to the payment server 300.

According to an embodiment, the electronic device 100 may generate trackdata for making a payment or a deposit and withdrawal by using thepayment token and the service code. For example, to make a payment byusing the MST, the electronic device 100 may change the payment tokeninto the form of track data and may insert the service code in adesignated area of the track data. As another example, in the case wherethe payment token is generated in the form of track data, the electronicdevice 100 may generate final track data by inserting the service codein the payment token. According to an embodiment, the electronic device100 may send the track data to the payment device 500 or the deposit andwithdrawal device 700 and may make a payment or a deposit and withdrawalby using the track data.

According to an embodiment, the authentication server 200 mayauthenticate a user in response to the request of the electronic device100. According to an embodiment, the authentication server 200 mayprovide a biometric authentication service (e.g., fast identity online(FIDO)) for performing user authentication by using biometricinformation of a user. According to an embodiment, the authenticationserver 200 may perform user authentication by using authenticationinformation received from the electronic device 100. According to anembodiment, when the user authentication is completed, theauthentication server 200 may send the authentication result to theelectronic device 100.

According to an embodiment, the authentication server 200 may managecard information (or account information) associated with a paymentservice account (e.g., a Samsung account), a biometric authenticationservice account, and a user account. According to an embodiment, whenreceiving the biometric authentication checking request associated withthe payment information from the finance server 400, the authenticationserver 200 may check whether to complete the biometric authentication ofa user.

According to an embodiment, the payment server 300 may exchangeinformation with the electronic device 100 and the finance server 400.According to an embodiment, the payment server 300 may manage cardinformation (or account information) associated with a payment serviceaccount (e.g., a Samsung account), a biometric authentication serviceaccount, and a user account. According to an embodiment, the paymentserver 300 may manage an available service code list for each user thatsubscribes to a payment service. For example, the service code may meana code for identifying an additional service provided to a user in aprocess of making a payment or a deposit and withdrawal.

According to an embodiment, the service code may include a service codeused for a payment service and a service code used for a deposit andwithdrawal service. For example, the service code used for the paymentservice may be a code that allows the electronic device 100 to performat least one of providing an advertisement, issuing a coupon, collectinga point, or discounting a charge. As another example, the service codeused for a deposit and withdrawal service may be a code that allows theelectronic device 100 to perform at least one of not outputting areceipt, discounting a fee, reducing and exempting a fee, and providinga text service.

According to an embodiment, the service code list may be changedaccording to the request of a user or the details of a financial serviceof a user. For example, a user (e.g., a very important person (VIP))that has a high record of a financial service may use a service code forreducing and exempting a fee, providing a text service, discounting acharge, and the like. As another example, in the case where a userselects an advertisement associated with a specific finance product, theuser may use a service code for providing an advertisement. According toan embodiment, if an available service code of a user is changed, thepayment server 300 may update the service code list. According to anembodiment, the service code list may be shared with the electronicdevice 100.

According to an embodiment, if the electronic device 100 requests apayment token, the payment server 300 may send a token request to thefinance server 400. According to an embodiment, the payment server 300may send the token request, which is received from the electronic device100, to the finance server 400. According to an embodiment, the paymentserver 300 may send a token, which is received from the finance server400, to the electronic device 400.

According to an embodiment, if receiving a token request or service coderequest from the electronic device 100, the payment server 300 may checka service code that is available to a user of the electronic device 100.According to an embodiment, the payment server 300 may send theavailable service code to the electronic device 100.

According to an embodiment, the payment server 300 may generate trackdata for making a payment or a deposit and withdrawal by using a paymenttoken and a service code. For example, the payment server 300 may changethe payment token into the form of track data and may insert the servicecode in a designated position of the track data. As another example, inthe case where the payment token has the form of track data, the paymentserver 300 may generate final track data by inserting a service code inthe payment token. According to an embodiment, the payment server 300may send the generated track data to the electronic device 100.

According to an embodiment, if receiving the use request of a servicecode from the electronic device 100, the payment server 300 maydetermine whether a user of the electronic device 100 has an authorityto use the requested service code. According to an embodiment, if it isdetermined that the user has the authority, the payment server 300 maysend use approval information about the service code to the electronicdevice 100. If it is determined that the user does not have theauthority, the payment server 300 may send use rejection informationabout the service code to the electronic device 100.

According to an embodiment, the finance server 400 may generate apayment token. According to an embodiment, the finance server 400 maygenerate a token in the form of track data. According to an embodiment,if receiving a payment token request from the payment server 300, thefinance server 400 may check whether user authentication is passed byusing the authentication server 200. According to an embodiment, ifreceiving the result of checking biometric authentication from theauthentication server 200, the finance server 400 may generate a tokenand may send the token to the payment server 300. According to variousembodiments of the present disclosure, the token may be generated by atoken server independent of the finance server 400 and may be sent tothe electronic device 100.

According to an embodiment, the finance server 400 may be a server thata credit card company or a bank operates. According to an embodiment,the finance server 400 may issue a card and may manage card information(or account information) about the card. According to an embodiment, thefinance server 400 may receive information about a payment or a depositand withdrawal from the payment agent server 600 or the deposit andwithdrawal device 700 to finally determine whether to approve thepayment or the deposit and withdrawal.

According to an embodiment, if receiving information associated with apayment from the payment agent server 600 or the deposit and withdrawaldevice 700, the finance server 400 may check a service code included inthe information associated with the payment to provide a user of theelectronic device 100 with a service corresponding to the service code.For example, the finance server 400 may exempt a user from a withdrawalfee or may provide the user with a short message service (SMS) forproviding the user with the result of a deposit and withdrawal. Asanother example, the finance server 400 may collect an additional pointin a payment card or may discount a part of the amount of payment whenthe amount of payment is charged.

If receiving track data from the electronic device 100, the paymentdevice 500 may send information associated with a payment, which isincluded in track data, to the payment agent server 600. According to anembodiment, the information associated with the payment may includepayment information (e.g., a token), a token validity period, a servicecode, and encryption information (e.g., cryptogram). According to anembodiment, the payment device 500 may be a point of sale (POS) terminalor a card terminal.

The payment agent server 600 may send information associated with apayment (e.g., a service code of payment information and encryptioninformation (e.g., cryptogram)), which is received from the paymentdevice 500, to the finance server 400. According to an embodiment, ifreceiving information about whether to approve a payment from thefinance server 400, the payment agent server 600 may send theinformation to the payment server 300 and the payment device 500.

If receiving track data from the electronic device 100, the deposit andwithdrawal device 700 may send information associated with a deposit andwithdrawal, which is included in the track data, to the finance server400. According to an embodiment, the information associated with thedeposit and withdrawal may include a deposit and withdrawal account, theamount of deposit and withdrawal, a token validity period, a servicecode, and encryption information. According to an embodiment, thedeposit and withdrawal device 700 may be an automated teller machine(ATM).

FIG. 2 is a diagram illustrating a payment method of a payment systemaccording to an embodiment of the present disclosure.

A flowchart illustrated in FIG. 2 may denote an operation in which thepayment system uses a disposable token (e.g., one time card (OTC)) or inwhich the payment system makes a payment after receiving a token, whichcan be repeatedly used, for the first time.

Referring to FIG. 2, in operation 201, a user of the electronic device100 may request a financial service. For example, the electronic device100 may receive a payment command or a deposit and withdrawal commandfrom a user through a user interface provided at a payment applicationinstalled in the electronic device 100.

In operation 203, the electronic device 100 and the authenticationserver 200 may authenticate a user. According to an embodiment, if thefinancial service is requested, the electronic device 100 may performbiometric authentication by using a biometric authentication module. Thebiometric authentication may be an authentication method using thebiometric information of the user and may include, for example, afingerprint authentication, an iris authentication, a faceauthentication, a voice authentication, or the like. For example, theelectronic device 100 may perform biometric authentication byrecognizing the biometric information of the user and comparing therecognized biometric information with the previously registeredbiometric information. According to an embodiment, if there is noregistered biometric information, the electronic device 100 may performa process of registering biometric information of the user. According toan embodiment, the electronic device 100 may send authenticationinformation to the authentication server 200 based on the biometricauthentication. The authentication information may be, for example,information in which specific data is encrypted (or specific dataincludes an electronic signature) by using a private key included in theelectronic device 100. According to an embodiment, the authenticationserver 200 may perform user authentication by using authenticationinformation received from the electronic device 100 and may send theauthentication result to the electronic device 100.

In operation 205, the electronic device 100 may request a token from thepayment server 300. According to an embodiment, the token request mayinclude at least one of user information (e.g., a user account), paymentinformation (e.g., a card number), or deposit and withdrawal information(e.g., an account number). In operation 207, the payment server 300 mayrequest a token from the finance server 400.

In operation 209, the finance server 400 may generate the token.According to an embodiment, the token may be used when a user makes apayment or a deposit and withdrawal and may include card information(e.g., a primary account number (PAN)) or a value for replacing accountinformation. According to an embodiment, the finance server 400 maygenerate the token in the form of track data.

According to an embodiment, before generating the token, the financeserver 400 may check whether the user authentication is passed, throughthe authentication server 200. For example, the finance server 400 mayrequest the authentication server 200 to check whether the userauthentication is passed and may receive the received result. Accordingto an embodiment, if the user authentication is checked, the financeserver 400 may generate the token.

In operation 211, the finance server 400 may send the token to thepayment server 300. According to an embodiment, the finance server 400may encrypt the token and may send the encrypted token to the paymentserver 300.

In operation 213, the payment server 300 may check a service code thatis available to a user of the electronic device 100. According to anembodiment, the payment server 300 may manage an available service codelist for each user. According to an embodiment, the payment server 300may check the service code, which is available to a user, by using theservice code list.

According to an embodiment, the payment server 300 may check theavailable service code based on a kind of financial service requestinputted to the electronic device 100. For example, if the electronicdevice 100 requests a token for making a payment, the payment server 300may check a service code used for the payment. As another example, ifthe electronic device 100 requests a token for making a deposit andwithdrawal, the payment server 300 may check a service code used for thedeposit and withdrawal. According to an embodiment, the payment server300 may determine whether the token request is a token request formaking a payment or a token request for making a deposit and withdrawal,by using information included in the token request received from theelectronic device 100.

In operation 215, the payment server 300 may send the token and aservice code, which is available to a user, to the electronic device100.

In operation 217, the electronic device 100 may generate track data byusing the token and the service code received from the payment server300. For example, the electronic device 100 may change a payment tokenin the form of track data and may insert the service code in adesignated position of the track data. As another example, in the casewhere a payment token has the form of track data, the electronic device100 may generate the final track data by inserting the service code inthe payment token.

According to an embodiment, the electronic device 100 may generatedifferent track data based on a kind of financial service that a userrequests. For example, in the case where a user requests a paymentservice, the electronic device 100 may generate first track data (e.g.,track 2 data). In the case where a user requests a deposit andwithdrawal service, the electronic device 100 may generate second trackdata (e.g., track 3 data).

According to an embodiment, before generating the track data, theelectronic device 100 may ask a user about whether to use a servicecode. For example, the electronic device 100 may provide an availableservice code list through a user interface provided at a paymentapplication. The user may select whether to use the service code throughthe user interface.

According to an embodiment, in the case where a payment system uses atoken that can be repeatedly used, the electronic device 100 may storethe received token in a memory.

In operation 219, the electronic device 100 may send the track data tothe payment device 500. According to an embodiment, in the case wherethe financial service that a user requests is a deposit and withdrawalservice, the electronic device 100 may send the track data to thedeposit and withdrawal device 700. According to an embodiment, theelectronic device 100 may send the track data by using an MST module.

In an embodiment described with reference to FIG. 2, the electronicdevice 100 is described as generating the track data. However, anembodiment of the inventive concept is not limited thereto. For example,the payment server 300 may generate the track data.

According to an embodiment, if operation 213 is completed, the paymentserver 300 may generate the track data by using the token and thechecked service code received from the finance server 400. According toan embodiment, the payment server 300 may generate different track databased on a kind of financial service that a user requests. For example,in the case where a user requests a payment service, the payment server300 may generate first track data (e.g., track 2 data). In the casewhere a user requests a deposit and withdrawal service, the electronicdevice 100 may generate second track data (e.g., track 3 data).

If generating the track data, the payment server 300 may send the trackdata to the electronic device 100. That is, in operation 215, thepayment server 300 may send the track data, not a token and a servicecode.

If receiving the track data from the payment server 300, the electronicdevice 100 may omit an operation of generating the track data and maysend the received track data to the payment device 500.

FIG. 3 is a diagram illustrating a payment method of a payment systemaccording to an embodiment of the present disclosure.

The flowchart illustrated in FIG. 3 may mean that an electronic devicerequests a service code from the payment server 300 and then makes apayment while storing a token.

Referring to FIG. 3, in operation 301, a user of the electronic device100 may request a financial service. For example, the electronic device100 may receive a payment command or a deposit and withdrawal commandfrom a user through a user interface provided at a payment applicationinstalled in the electronic device 100.

In operation 303, the electronic device 100 and the authenticationserver 200 may authenticate a user. According to an embodiment, if thefinancial service is requested, the electronic device 100 may performbiometric authentication by using biometric authentication module. Thebiometric authentication may be an authentication method using thebiometric information of the user and may include, for example, afingerprint authentication, an iris authentication, a faceauthentication, a voice authentication, or the like. For example, theelectronic device 100 may perform biometric authentication byrecognizing the biometric information of the user and comparing therecognized biometric information with the previously registeredbiometric information. According to an embodiment, if there is noregistered biometric information, the electronic device 100 may performa process of register biometric information of the user. According to anembodiment, the electronic device 100 may send authenticationinformation to the authentication server 200 based on the biometricauthentication. The authentication information may be, for example,information in which specific data is encrypted (or specific dataincludes an electronic signature) by using a private key included in theelectronic device 100. According to an embodiment, the authenticationserver 200 may perform user authentication by using authenticationinformation received from the electronic device 100 and may send theauthentication result to the electronic device 100.

In operation 305, the electronic device 100 may request a service codefrom the payment server 300. According to an embodiment, the request ofthe service code may include at least one of user information (e.g.,user account), payment information (e.g., card number), or deposit andwithdrawal information (e.g., account number).

In operation 307, the payment server 300 may check a service code thatis available to a user of the electronic device 100. According to anembodiment, the payment server 300 may manage an available service codelist for each user. According to an embodiment, the payment server 300may check the service code, which is available to a user, by using theservice code list.

According to an embodiment, before checking the service code, thepayment server 300 may check whether the user authentication is passed,through the authentication server 200. For example, the payment server300 may request the authentication server 200 to check whether the userauthentication is passed and may receive the received result. Accordingto an embodiment, if the user authentication is checked, the paymentserver 300 may check an available service code.

According to an embodiment, the payment server 300 may check the servicecode based on a kind of financial service inputted to the electronicdevice 100. For example, if a payment request is inputted to theelectronic device 100, the payment server 300 may select a service codeused for a payment. As another example, if a deposit and withdrawalservice is requested from the electronic device 100, the payment server300 may select a service code used for a deposit and withdrawal.According to an embodiment, the payment server 300 may determine whetherthe token request is a token request for making a payment or a tokenrequest for making a deposit and withdrawal, by using informationincluded in the service code request received from the electronic device100.

In operation 309, the payment server 300 may send a service code, whichis available to a user, to the electronic device 100.

In operation 311, the electronic device 100 may generate track data byusing the token stored in a memory and the service code received fromthe payment server 300. According to an embodiment, the electronicdevice 100 may generate different track data based on a kind offinancial service that a user requests. For example, in the case where auser requests a payment service, the electronic device 100 may generatefirst track data (e.g., track 2 data). In the case where a user requestsa deposit and withdrawal service, the electronic device 100 may generatesecond track data (e.g., track 3 data).

According to an embodiment, before generating the track data, theelectronic device 100 may ask a user about whether to use a servicecode. For example, the electronic device 100 may provide an availableservice code list through a user interface provided at a paymentapplication. The user may select whether to use the service code throughthe user interface.

In operation 313, the electronic device 100 may send the track data tothe payment device 500. According to an embodiment, in the case wherethe financial service that a user requests is a deposit and withdrawalservice, the electronic device 100 may send the track data to thedeposit and withdrawal device 700. According to an embodiment, theelectronic device 100 may send the track data by using an MST module.

FIG. 4 is a diagram illustrating a payment method of a payment systemaccording to embodiment of the present disclosure.

The flowchart illustrated in FIG. 4 may mean that an electronic devicerequests the use approval of a service code from the payment server 300and then makes a payment while storing an available service code list.

Referring to FIG. 4, in operation 401, a user of the electronic device100 may request a financial service. For example, the electronic device100 may receive a payment command or a deposit and withdrawal commandfrom a user through a user interface provided at a payment applicationinstalled in the electronic device 100.

In operation 403, the electronic device 100 and the authenticationserver 200 may authenticate a user. According to an embodiment, if theuser requests the financial service, the electronic device 100 mayperform biometric authentication by using a biometric authenticationmodule. The biometric authentication may be an authentication methodusing the biometric information of a user and may include, for example,a fingerprint authentication, an iris authentication, a faceauthentication, a voice authentication, or the like. For example, theelectronic device 100 may perform biometric authentication byrecognizing the biometric information of the user and comparing therecognized biometric information with the previously registeredbiometric information. According to an embodiment, if there is noregistered biometric information, the electronic device 100 may performa process of register biometric information of the user. According to anembodiment, the electronic device 100 may send authenticationinformation to the authentication server 200 based on the biometricauthentication. The authentication information may be, for example,information in which specific data is encrypted (or specific dataincludes an electronic signature) by using a private key included in theelectronic device 100. According to an embodiment, the authenticationserver 200 may perform user authentication by using authenticationinformation received from the electronic device 100 and may send theauthentication result to the electronic device 100.

In operation 405, the electronic device 100 may request the paymentserver 300 to use a service code. According to an embodiment, the userequest of the service code may include at least one of user information(e.g., a user account), payment information (e.g., a card number), ordeposit and withdrawal information (e.g., an account number).

According to an embodiment, the electronic device 100 may request thepayment server 300 to use the service code, which is selected by a user,from among available service codes. According to an embodiment, a usermay select at least a part of an available service code list through auser interface provided at a payment application of the electronicdevice 100. According to an embodiment, the electronic device 100 mayselect different service code based on a kind of requested financialservice. For example, if a payment request is inputted to the electronicdevice 100, the payment server 300 may provide a user interface forselecting a service code used for a payment. As another example, if adeposit and withdrawal service is requested from the electronic device100, the payment server 300 may provide a user interface for selecting aservice code used for a deposit and withdrawal by the user.

In operation 407, the payment server 300 may check an authority to usethe service code that the payment server 300 is requested to use.According to an embodiment, the payment server 300 may manage anavailable service code list for each user. According to an embodiment,the payment server 300 may check the service code, which is available toa user, by using the service code list.

According to an embodiment, before checking the authority to use theservice code, the payment server 300 may check whether the userauthentication is passed, through the authentication server 200. Forexample, the payment server 300 may request the authentication server200 to check whether the user authentication is passed and may receivethe received result. According to an embodiment, if the userauthentication is passed, the payment server 300 may check the authorityto use the service code.

According to an embodiment, in operation 409, if it is determined thatthe user has the authority, the payment server 300 may send use approvalinformation about the service code to the electronic device 100. Asanother example, if it is determined that the user does not have theauthority, the payment server 300 may send use rejection informationabout the service code to the electronic device 100.

In operation 411, the electronic device 100 may generate track data byusing the token stored in a memory and the service code that the paymentserver 300 approves of using. According to an embodiment, the electronicdevice 100 may generate different track data based on a kind offinancial service that a user requests. For example, in the case where auser requests a payment service, the electronic device 100 may generatefirst track data (e.g., track 2 data). In the case where a user requestsa deposit and withdrawal service, the electronic device 100 may generatesecond track data (e.g., track 3 data).

In operation 413, the electronic device 100 may send the track data tothe payment device 500. According to an embodiment, in the case wherethe financial service that a user requests is a deposit and withdrawalservice, the electronic device 100 may send the track data to thedeposit and withdrawal device 700. According to an embodiment, theelectronic device 100 may send the track data by using an MST module.

FIG. 5 is a block diagram illustrating a configuration of an electronicdevice according to an embodiment of the present disclosure.

Referring to FIG. 5, the electronic device 100 may include acommunication module 110, an MST module 120, a biometric authenticationmodule 130, an input module 140, a display 150, a memory 160, and acontrol module 170.

The communication module 110 may communicate with an external device.According to an embodiment, the communication module 110 may exchangeinformation associated with a payment with an external device (e.g., theauthentication server 200, the payment server 300, or the like).According to an embodiment, the communication module 110 may send andreceive data through a network (e.g., a mobile communication network oran Internet network). According to an embodiment, the communicationmodule 110 may include a cellular module, a Wi-Fi module, a Bluetoothmodule, an NFC module, an MST module, a global navigation satellitesystem (GNSS) module, and the like.

The MST module 120 may send information by using an MST communicationtechnology. According to an embodiment, the MST module 120 may sendtrack data to the payment device 500 and the deposit and withdrawaldevice 700 supporting a magnetic card. According to an embodiment, thetrack data may include information associated with a payment orinformation associated with a deposit and withdrawal. According to anembodiment, the information associated with the payment may includepayment information (e.g., a token), a token validity period, a servicecode, and encryption information (e.g., cryptogram). According to anembodiment, the information associated with the deposit and withdrawalmay include a deposit and withdrawal account, the amount of deposit andwithdrawal, a token validity period, a service code, and encryptioninformation.

The biometric authentication module 130 may recognize biometricinformation (e.g., a fingerprint, an iris, a face, a voice, or the like)of a user and may authenticate a user by using the biometricinformation. According to an embodiment, the biometric authenticationmodule 130 may include a fingerprint authentication module, an irisauthentication module, a face authentication module and a voice (orsound) authentication module.

The input module 140 may receive a user command. According to anembodiment, the input module 140 may receive a user command forrequesting a financial service. For example, the input module 140 mayreceive the request of a payment associated with a product transactionor the request of a deposit and withdrawal. According to an embodiment,the input module 140 may receive a user command for selecting a servicecode. For example, if receiving an available service code from thepayment server 300, the input module 140 may receive whether to use acorresponding service code, from a user. According to an embodiment, theinput module 140 may receive a user command for requesting the use ofthe service code.

In an embodiment, the input module 140 may include a touch sensor panelsensing a touch manipulation of a user or a pen sensor panel sensing apen manipulation of a user. According to an embodiment, the input module140 may sense a user manipulation inputted by a user with the user'sfinger or a pen spaced apart from a panel by a specific distance, aswell as a user manipulation inputted when the user directly makescontact with the panel (e.g., a touch sensor panel or a pen sensorpanel).

The display 150 may display a user interface. According to anembodiment, the display 150 may display a user interface that a paymentapplication provides. A user may input the request of a financialservice through a user interface displayed on the display 150. Accordingto an embodiment, the display 150 may display an available service codelist. A user may select whether to use the service code by using theservice code list displayed on the display 150 or may request the use ofthe service code.

According to an embodiment, the input module 140 and the display 150,for example, may be implemented with a touch screen that is capable ofdisplaying and sensing the touch manipulation at the same time. In thetouch screen, the touch sensor panel may be disposed on the displaypanel.

The memory 160 may store information associated with a financialservice. According to an embodiment, the memory 160 may store cardinformation (or account information) associated with a payment serviceaccount (e.g., a Samsung account), a biometric authentication serviceaccount, and a user account. According to an embodiment, the memory 160may store a token used for a payment or a deposit and withdrawal.According to an embodiment, the memory 160 may store an availableservice code list. According to an embodiment, a service code mayinclude a service code used for a payment service and a service codeused for a deposit and withdrawal service. For example, the service codeused for the payment service may be a code that allows the electronicdevice 100 to perform at least one of providing an advertisement,issuing a coupon, collecting a point, or discounting a charge. Asanother example, the service code used for a deposit and withdrawalservice may be a code that allows the electronic device 100 to performat least one of not outputting a receipt, discounting a fee, reducingand exempting a fee, and providing a text service.

According to an embodiment, the memory 160 may include various memoriesthat are capable of storing security information such as an embeddedsecure element (eSE), an embedded subscriber identity module (eSIM), atrusted execution environment (TEE), an advanced security secure digitalcard (ASSD), or the like. The TEE may be, for example, a memory includedin the control module 170 and may correspond to a memory area that isaccessed when the control module 170 operates in a security mode.

The control module 170 may control an overall operation of theelectronic device 100. According to an embodiment, the control module170 may provide a user with a financial service according to variousembodiments by controlling the communication module 110, the MST module120, the biometric authentication module 130, the input module 140, thedisplay 150, and the memory 160, respectively.

According to an embodiment, the control module 170 (e.g., an AP) may beimplemented with a system on chip (SoC) including a processor (or aCPU), a graphic processing unit (GPU), a video process, a memory, andthe like.

According to an embodiment, the control module 170 may include anapproval module 171 and a track generation module 173. Each of theapproval module 171 and the track generation module 173 may be a programmodule that is executed by the control module 170 and performs adesignated operation.

According to an embodiment, if a user requests a payment, the approvalmodule 171 may perform biometric authentication. For example, if a userrequests a financial service, the approval module 171 may authenticate auser in conjunction with the authentication server 200. For example, ifreceiving the request of authentication information, the approval module171 may activate the biometric authentication module 130 and may performbiometric authentication. According to an embodiment, if the biometricauthentication is completed, the approval module 171 may sendauthentication information to the authentication server 200, and theauthentication server 200 may perform user authentication.

According to an embodiment, if a user requests a financial service, theapproval module 171 may request a token from the payment server 300.According to an embodiment, the token request may include at least oneof user information (e.g., a user account), payment information (e.g., acard number), or deposit and withdrawal information (e.g., an accountnumber). According to an embodiment, if the user authentication iscompleted, the approval module 171 may request a token from the paymentserver 300. For example, in the case where a payment system uses adisposable token (e.g., OTC) or where the payment system receives atoken, which can be repeatedly used, for the first time (that is, in thecase where a token is not stored in the memory 160), the approval module171 may request a token to the payment server 300.

According to an embodiment, the approval module 171 may request a tokencorresponding to a kind of financial service that a user requests. Forexample, in the case where a user requests a payment service, theapproval module 171 may request a token associated with a paymentservice. In the case where a user requests a deposit and withdrawalservice, the approval module 171 may request a token associated with adeposit and withdrawal service.

According to an embodiment, the approval module 171 may request a tokenbased on data received from an external device. For example, if specificdata is received from the payment device 500 with the electronic device100 placed around the payment device 500, the electronic device 100 mayrequest a token associated with a payment service. As another example,if specific data is received from the deposit and withdrawal device 700with the electronic device 100 placed around the deposit and withdrawaldevice 700, the electronic device 100 may request a token associatedwith a deposit and withdrawal service.

According to an embodiment, if the token is received from the paymentserver 300, the approval module 171 may store the received token to thememory 160. According to an embodiment, if the token that can berepeatedly used is received from the payment server 300, the approvalmodule 171 may store the received token to the memory 160. According toan embodiment, the token may be issued and managed for each card or foreach account.

According to an embodiment, if a financial service is requested from auser, the approval module 171 may request a service code to the paymentserver 300. For example, in the case where an available token is storedin the memory 160, the approval module 171 may request only the servicecode to the payment server 300. According to an embodiment, the requestof the service code may include at least one of user information (e.g.,a user account), payment information (e.g., a card number), or depositand withdrawal information (e.g., an account number).

According to an embodiment, if a user requests the use of a servicecode, the approval module 171 may request the use approval of theservice code from the payment server 300. According to an embodiment, ifa user requests a financial service, the approval module 171 may displaya user interface for selecting an available service code list on thedisplay 150. According to an embodiment, if a service code is selectedby a user, the approval module 171 may request the use approval of theselected service code from the payment server 300.

According to an embodiment, the track generation module 173 may generatetrack data by using the token and the service code. For example, thetrack generation module 173 may generate the track data by using thetoken and the service code received from the payment server 300. Asanother example, the track generation module 173 may generate the trackdata by using the token stored in the memory 160 and the service codereceived from the payment server 300.

According to an embodiment, the track generation module 173 may generatedifferent track data based on a kind of financial service that a userrequests. For example, in the case where a user requests a paymentservice, the track generation module 173 may generate first track data(e.g., track 2 data). In the case where a user requests a deposit andwithdrawal service, the electronic device 100 may generate second trackdata (e.g., track 3 data).

According to an embodiment, the approval module 171 may generatedifferent track data based on data received from an external device. Forexample, if specific data is received from the payment device 500 withthe electronic device 100 placed around the payment device 500, theelectronic device 100 may generate the first track data associated witha payment service. As another example, if specific data is received fromthe deposit and withdrawal device 700 with the electronic device 100placed around the deposit and withdrawal device 700, the electronicdevice 100 may generate the second track data associated with a depositand withdrawal service.

According to an embodiment, the track generation module 173 may insertdifferent service codes in the track data based on a kind of financialservice (or a kind of track data) that a user requests. For example, inthe case where a user requests a payment service, the track generationmodule 173 may insert a service code used for a payment in the firsttrack data. As another example, in the case where a user requests adeposit and withdrawal service, the track generation module 173 mayinsert a service code used for a deposit and withdrawal in the secondtrack data.

According to an embodiment, the control module 170 may send thegenerated track data to the payment device 500 or the deposit andwithdrawal device 700 through the MST module 120.

FIGS. 6A and 6B are views of track data according to various embodimentsof the present disclosure.

FIG. 6A may represent first track data, and FIG. 6B may represent secondtrack data.

Referring to FIG. 6A, the first track data may include paymentinformation such as a token number, a token validity period, a paymentcode, and the like. The token number may include, for example, a numberfor replacing a card number (e.g., PAN). The token validity period maydenote a period during which a token is used and may be set when thetoken is issued by the finance server 400. The payment code may include,for example, information for distinguishing a kind of payment servicesuch as a payment, a payment cancel, or the like.

According to an embodiment, the first track data may include a servicecode in a designated area. According to an embodiment, the service codemay be expressed by two decimal digits (or hexadecimal). For example,the service code may be inserted in the 25^(th) and 26^(th) positions ofthe first track data.

Referring to FIG. 6B, the second track data may include deposit andwithdrawal information such as an account number, the amount of depositand withdrawal, money unit, and the like. According to an embodiment,the second track data may include a service code. According to anembodiment, the service code may be expressed by two decimal digits (orhexadecimal). For example, the service code may be inserted in the90^(th) and 91^(st) positions of the second track data.

FIG. 7 is a block diagram illustrating a configuration of a paymentserver according to an embodiment of the present disclosure.

Referring to FIG. 7, the payment server 300 may include a communicationmodule 310, a memory 320, and a control module 330.

The communication module 310 may communicate with an external device.According to an embodiment, the communication module 310 may exchangeinformation associated with a payment or a deposit and withdrawal withan external device (e.g., the electronic device 100, the finance server400, or the like). According to an embodiment, the communication module310 may send and receive data through a network (e.g., a mobilecommunication network or an Internet network).

The memory 320 may store information associated with a financialservice. According to an embodiment, the memory 320 may store cardinformation (or account information) associated with a payment serviceaccount (e.g., a Samsung account), a biometric authentication serviceaccount, and a user account. According to an embodiment, the memory 320may store an available service code list for each user that subscribesto a payment service. According to an embodiment, a service code mayinclude a service code used for a payment service and a service codeused for a deposit and withdrawal service.

The control module 330 may control an overall operation of the paymentserver 300. According to an embodiment, the control module 330 mayinclude a payment module 331, a token management module 333, and aservice code management module 335. The payment module 331, the tokenmanagement module 333 and the service code management module 335 may bea program module executed by the control module 330 and performs adesignated operation.

According to an embodiment, the payment module 331 may be functionallyconnected with a payment application included in the electronic device100 to exchange information associated with a payment or a deposit andwithdrawal. According to an embodiment, if a payment is completed, thepayment module 331 may store and manage information of a payment result,the details of a payment, a payment record, and the like. According toan embodiment, the payment module 331 may manage a payment serviceaccount, card information (or account information), and the like storedin the memory 320.

According to an embodiment, the token management module 333 may befunctionally connected with the finance server 400 to perform at leastone of issuing, deleting, or activating of a token. According to anembodiment, the token management module 333 may send a token request,which is received from the electronic device 100, to the finance server400 (or a token server) and may send a response (e.g., a token) of arequest, which is received from the finance server 400 (or the tokenserver), to the electronic device 100.

According to an embodiment, the service code management module 335 maymanage an available service code list for each user that subscribes to apayment service. According to an embodiment, the service code managementmodule 335 may update a service code list based on the request of a useror the details of a financial service of a user. According to anembodiment, the service code list may be shared with the electronicdevice 100.

According to an embodiment, if receiving a token request or service coderequest from the electronic device 100, the service code managementmodule 335 may check a service code that is available to a user of theelectronic device 100 and may send the available service code to theelectronic device 100.

According to an embodiment, if receiving the use request of a servicecode from the electronic device 100, the service code management module335 may determine whether a user of the electronic device 100 has anauthority to use the requested service code. According to an embodiment,if it is determined that the user have the authority, the service codemanagement module 335 may send use approval information about theservice code to the electronic device 100. If it is determined that theuser does not have the authority, the service code management module 335may send use rejection information about the service code to theelectronic device 100.

A track generation module 337 may generate track data. According to anembodiment, the track generation module 337 may generate the track databy using the token received from the finance server 400 and the checkedservice code. According to another embodiment, the track generationmodule 337 may generate the track data by using the token and theservice code received from the electronic device 100. According to anembodiment, the track generation module 337 may generate different trackdata based on a kind of financial service that a user requests. Forexample, in the case where a user requests a payment service (that is,in the case where the electronic device 100 requests a token for apayment service), the track generation module 337 may generate firsttrack data (e.g., track 2 data). In the case where a user requests adeposit and withdrawal service (that is, in the case where theelectronic device 100 requests a token for a deposit and withdrawalservice), the electronic device 100 may generate second track data(e.g., track 3 data).

FIG. 8 is a flowchart illustrating a payment method of an electronicdevice according to an embodiment of the present disclosure.

The flowchart illustrated in FIG. 8 may include operations that theelectronic device 100 illustrated in FIGS. 1, 2, 3, 4 and 5 processes.Therefore, contents described about the electronic device 100 may beapplied to the flowchart shown in FIG. 8 with reference to FIGS. 1, 2,3, 4, and 5 even though there are omitted contents below. A flowchartillustrated in FIG. 8 may denote an operation in which the electronicdevice uses a disposable token (e.g., OTC) or in which the paymentsystem makes a payment after receiving a token, which can be repeatedlyused, for the first time.

Referring to FIG. 8, in operation 810, the electronic device 100 mayreceive a financial service request from a user. For example, theelectronic device 100 may receive a payment command or a deposit andwithdrawal command from a user through a user interface provided at apayment application installed in the electronic device 100.

In operation 820, the electronic device 100 may request a token from thepayment server 300. According to an embodiment, the token request mayinclude user information (e.g., a user account), payment information(e.g., a card number), or deposit and withdrawal (or remittance)information (e.g., an account number).

According to an embodiment, before requesting a token from the paymentserver 300, the electronic device 100 may authenticate a user inconjunction with the authentication server 200. For example, if thefinancial service is requested, the electronic device 100 may performbiometric authentication by using a biometric authentication module. Theelectronic device 100 may send authentication information to theauthentication server 200 based on the biometric authentication and mayreceive the authentication result from the authentication server 200.

In operation 830, the electronic device 100 may receive a token and aservice code from the payment server 300.

In operation 840, the electronic device 100 may generate track data byusing the token and the service code received from the payment server300. According to an embodiment, the electronic device 100 may generatedifferent track data based on a kind of financial service that a userrequests. For example, in the case where a user requests a paymentservice, the electronic device 100 may generate first track data (e.g.,track 2 data). In the case where a user requests a deposit andwithdrawal service (or a remittance service), the electronic device 100may generate second track data (e.g., track 3 data).

According to an embodiment, before generating the track data, theelectronic device 100 may ask a user about whether to use the servicecode. For example, the electronic device 100 may provide an availableservice code list through a user interface provided at a paymentapplication. The user may select whether to use the service code throughthe user interface.

According to an embodiment, in the case where receiving the token thatcan be repeatedly used, the electronic device 100 may store the receivedtoken in a memory.

In operation 850, the electronic device 100 may send the track data tothe payment device 500. According to an embodiment, in the case wherethe financial service that a user requests is a deposit and withdrawalservice (or a remittance service), the electronic device 100 may sendthe track data to the deposit and withdrawal device 700. According to anembodiment, the electronic device 100 may send the track data by usingan MST module.

FIG. 9 is a flowchart illustrating a payment method of an electronicdevice according to embodiment of the present disclosure.

The flowchart illustrated in FIG. 9 may include operations that theelectronic device 100 illustrated in FIGS. 1, 2, 3, 4 and 5 processes.Therefore, contents described about the electronic device 100 may beapplied to the flowchart shown in FIG. 9 with reference to FIGS. 1, 2,3, 4 and 5 even though there are omitted contents below. The flowchartillustrated in FIG. 9 may mean that an electronic device requests aservice code from the payment server 300 and then makes a payment whilestoring a token that can be repeatedly used.

Referring to FIG. 9, in operation 910, the electronic device 100 mayreceive a financial service request from a user. For example, theelectronic device 100 may receive a payment command or a deposit andwithdrawal command from a user through a user interface provided at apayment application installed in the electronic device 100.

In operation 920, the electronic device 100 may request a service codefrom the payment server 300. According to an embodiment, the request ofthe service code may include user information (e.g., a user account),payment information (e.g., a card number), or deposit and withdrawalinformation (e.g., an account number).

According to an embodiment, before requesting a service code from thepayment server 300, the electronic device 100 may authenticate a user inconjunction with the authentication server 200. For example, when thefinancial service is requested, the electronic device 100 may performbiometric authentication by using a biometric authentication module. Theelectronic device 100 may send authentication information to theauthentication server 200 based on the biometric authentication and mayreceive the authentication result from the authentication server 200.

In operation 930, the electronic device 100 may receive the service codefrom the payment server 300.

In operation 940, the electronic device 100 may generate track data byusing the token stored in a memory and the service code received fromthe payment server 300. According to an embodiment, the electronicdevice 100 may generate different track data based on a kind offinancial service that a user requests. For example, in the case where auser requests a payment service, the electronic device 100 may generatefirst track data (e.g., track 2 data). In the case where a user requestsa deposit and withdrawal service, the electronic device 100 may generatesecond track data (e.g., track 3 data).

According to an embodiment, before generating the track data, theelectronic device 100 may ask a user about whether to use a servicecode. For example, the electronic device 100 may provide an availableservice code list through a user interface provided at a paymentapplication. The user may select whether to use the service code throughthe user interface.

In operation 950, the electronic device 100 may send the track data tothe payment device 500. According to an embodiment, in the case wherethe financial service that a user requests is a deposit and withdrawalservice, the electronic device 100 may send the track data to thedeposit and withdrawal device 700. According to an embodiment, theelectronic device 100 may send the track data by using an MST module.

FIG. 10 is a flowchart illustrating a payment method of an electronicdevice according to an embodiment of the present disclosure.

The flowchart illustrated in FIG. 10 may include operations that theelectronic device 100 illustrated in FIGS. 1, 2, 3, 4 and 5 processes.Therefore, contents described about the electronic device 100 may beapplied to the flowchart shown in FIG. 10 with reference to FIGS. 1, 2,3, 4 and 5 even though there are omitted contents below. The flowchartillustrated in FIG. 10 may mean that an electronic device 100 requeststhe use approval of a service code from the payment server 300 and thenmakes a payment while storing an available service code list.

Referring to FIG. 10, in operation 1010, the electronic device 100 mayreceive a financial service request from a user. For example, theelectronic device 100 may receive a payment command or a deposit andwithdrawal command from a user through a user interface provided at apayment application installed in the electronic device 100.

In operation 1020, the electronic device 100 may request the paymentserver 300 to use a service code. According to an embodiment, the userequest of the service code may include user information (e.g., a useraccount), payment information (e.g., a card number), or deposit andwithdrawal information (e.g., an account number).

According to an embodiment, the electronic device 100 may send the tokenand information associated with a payment to the payment server 300. Thepayment server 300 may determine a service available to a user or anavailable service (or a service code) that is recommended to the userbased on the token and the information associated with a payment and maysend the determined service to the electronic device 100.

According to an embodiment, the electronic device 100 may request thepayment server 300 to use a service code, which is selected by a user,from among available service codes. According to an embodiment, a usermay select at least a part of an available service code list through auser interface provided at a payment application of the electronicdevice 100. According to an embodiment, the electronic device 100 mayselect different service codes based on a kind of requested financialservice. For example, if a payment request is inputted to the electronicdevice 100, the payment server 300 may provide a user interface forselecting a service code used for a payment. As another example, if adeposit and withdrawal service is requested from the electronic device100, the payment server 300 may provide a user interface for selecting aservice code used for a deposit and withdrawal by a user.

According to an embodiment, before the service code is requested fromthe payment server 300, the electronic device 100 may authenticate auser in conjunction with the authentication server 200. For example, ifthe financial service is requested, the electronic device 100 mayperform biometric authentication by using a biometric authenticationmodule. The electronic device 100 may send authentication information tothe authentication server 200 based on the biometric authentication andmay receive the authentication result from the authentication server200.

In operation 1030, the electronic device 100 may receive the useapproval information about the service code from the payment server 300.

In operation 1040, the electronic device 100 may generate track data byusing the token stored in a memory and the service code that the paymentserver 300 approves of using. According to an embodiment, the electronicdevice 100 may generate different track data based on a kind offinancial service that a user requests. For example, in the case where auser requests a payment service from the electronic device 100, theelectronic device 100 may generate first track data (e.g., track 2data). In the case where a user requests a deposit and withdrawalservice from the electronic device 100, the electronic device 100 maygenerate second track data (e.g., track 3 data).

In operation 1050, the electronic device 100 may send the track data tothe payment device 500. According to an embodiment, in the case wherethe financial service that a user requests is a deposit and withdrawalservice, the electronic device 100 may send the track data to thedeposit and withdrawal device 700. According to an embodiment, theelectronic device 100 may send the track data by using an MST module.

FIG. 11 is a flowchart illustrating a payment method of a payment serveraccording to an embodiment of the present disclosure.

Referring to FIG. 11, in operation 1110, the payment server 300 mayreceive a token request from the electronic device 100. According to anembodiment, the token request may include user information (e.g., a useraccount), payment information (e.g., a card number), or deposit andwithdrawal information (e.g., an account number).

In operation 1120, the payment server 300 may send the token request tothe finance server 400.

In operation 1130, the payment server 300 may receive a token from thefinance server 400. According to an embodiment, the payment server 300may receive an encrypted token from the finance server 400. According toan embodiment, the payment server 300 may decrypt the encrypted token.

In operation 1140, the payment server 300 may check an available servicecode. According to an embodiment, the payment server 300 may manage anavailable service code list for each user. According to an embodiment,the payment server 300 may check the service code, which is available toa user, by using the service code list.

In operation 1150, the payment server 300 may generate track data.According to an embodiment, the payment server 300 may generate thetrack data by using the token and the checked service code received fromthe finance server 400. According to another embodiment, the paymentserver 300 may generate the track data by using the token and theservice code received from the electronic device 100. According to anembodiment, the track generation module 337 may generate different trackdata based on a kind of financial service that a user requests. Forexample, in the case where a user requests a payment service, thepayment server 300 may generate first track data (e.g., track 2 data).In the case where a user requests a deposit and withdrawal service, theelectronic device 100 may generate second track data (e.g., track 3data).

In operation 1160, the payment server 300 may send track data to theelectronic device 100.

FIG. 12 is a block diagram of an electronic device in a networkenvironment according to embodiment of the present disclosure.

Referring to FIG. 12, there is described an electronic device 1201 in anetwork environment 1200 according to embodiment of the presentdisclosure. The electronic device 1201 may include, for example, all ora part of an electronic device 100 illustrated in FIG. 1. The electronicdevice 1201 may include a bus 1210, a processor 1220, a memory 1230, aninput/output (I/O) interface 1250, a display 1260, and a communicationinterface 1270. According to an embodiment, the electronic device 1201may not include at least one of the above-described components or mayfurther include other component(s).

For example, the bus 1210 may interconnect the above-describedcomponents 1210 to 1270 and may include a circuit for conveyingcommunications (e.g., a control message and/or data) among theabove-described components.

The processor 1220 may include one or more of a CPU, an AP, or acommunication processor (CP). The processor 1220 may perform, forexample, data processing or an operation associated with control orcommunication of at least one other component(s) of the electronicdevice 1201.

The memory 1230 may include a volatile and/or nonvolatile memory. Forexample, the memory 1230 may store instructions or data associated withat least one other component(s) of the electronic device 1201. Accordingto an embodiment, the memory 1230 may store software and/or a program1240.

According to an embodiment, the memory 1230 may include a main memory(not shown) and an auxiliary memory (not shown). For example, when theprocessor 1220 executes a program, the main memory may store the programand data, which is processed by the program. For example, the auxiliarymemory may be a storage that makes it possible to supplement a limitedmemory capacity of the main memory, and may store a large amount ofprogram (or data). According to an embodiment, in the case where theprocessor 1230 executes a specific program (or data) stored in theauxiliary memory, the specific program may be loaded from the auxiliarymemory to the main memory. According to an embodiment, the main memoryand the auxiliary memory may transmit or receive data between each otherusing a direct memory access (DMA) method without control of theprocessor 1220.

The program 1240 may include, for example, a kernel 1241, a middleware1243, an application programming interface (API) 1245, and/or anapplication program (or “application”) 1247. At least a part of thekernel 1241, the middleware 1243, or the API 1245 may be called an“operating system (OS)”.

The kernel 1241 may control or manage system resources (e.g., the bus1210, the processor 1220, the memory 1230, and the like) that are usedto execute operations or functions of other programs (e.g., themiddleware 1243, the API 1245, and the application program 1247).Furthermore, the kernel 1241 may provide an interface that allows themiddleware 1243, the API 1245, or the application program 1247 to accessdiscrete components of the electronic device 1201 so as to control ormanage system resources.

The middleware 1243 may perform, for example, a mediation role such thatthe API 1245 or the application program 1247 communicates with thekernel 1241 to exchange data. Furthermore, the middleware 1243 mayprocess one or more task requests received from the application program1247 according to a priority. For example, the middleware 1243 mayassign the priority, which makes it possible to use a system resource(e.g., the bus 1210, the processor 1220, the memory 1230, or the like)of the electronic device 1201, to at least one of the applicationprogram 1247 and may process the task requests.

The API 1245 may be an interface through which the application program1247 controls a function provided by the kernel 1241 or the middleware1243, and may include, for example, at least one interface or function(e.g., an instruction) for a file control, a window control, imageprocessing, a character control, or the like.

The I/O interface 1250 may transmit an instruction or data, input from auser or another external device, to other element(s) of the electronicdevice 1201. Furthermore, the I/O interface 1250 may output aninstruction or data, received from other component(s) of the electronicdevice 1201, to a user or another external device.

The display 1260 may include, for example, a liquid crystal display(LCD), a light-emitting diode (LED) display, an organic LED (OLED)display, or a microelectromechanical systems (MEMS) display, or anelectronic paper display. The display 1260 may display, for example,various contents (e.g., a text, an image, a video, an icon, a symbol,and the like) to a user. The display 1260 may include a touch screen andmay receive, for example, a touch, gesture, proximity, or hovering inputusing an electronic pen or a portion of a user's body.

The communication interface 1270 may establish communication between theelectronic device 1201 and an external electronic device (e.g., a firstexternal electronic device 1202, a second external electronic device1204, or a server 1206). For example, the communication interface 1270may be connected to a network 1262 through wireless communication orwired communication to communicate with an external device (e.g., thesecond external electronic device 1204 or the server 1206).

The wireless communication may include at least one of, for example, along-term evolution (LTE), an LTE Advance (LTE-A), a code divisionmultiple access (CDMA), a wideband CDMA (WCDMA), a universal mobiletelecommunications system (UMTS), a wireless broadband (WiBro), a globalsystem for mobile communications (GSM), or the like, as a cellularcommunication protocol. Furthermore, the wireless communication mayinclude, for example, a local area network 1264. The local area network1264 may include at least one of Wi-Fi, Bluetooth, bluetooth low energy(BLE), Zigbee, NFC, MST, or a GNSS. The GNSS may include at least one ofa global positioning system (GPS), a global navigation satellite system(Glonass), a Beidou Navigation Satellite System (hereinafter referred toas “Beidou”), or a European global satellite-based navigation system(Galileo). In this specification, “GPS” and “GNSS” may beinterchangeably used.

The wired communication may include at least one of, for example, auniversal serial bus (USB), a high definition multimedia interface(HDMI), a recommended standard-232 (RS-232), a power line communication,or a plain old telephone service (POTS). The network 1262 may include atleast one of telecommunications networks, for example, a computernetwork (e.g., local area network (LAN) or wide area network (WAN)), anInternet, or a telephone network.

Each of the external first and second external electronic devices 1202and 1204 may be a device of which the type is different from or the sameas that of the electronic device 1201. According to an embodiment, theserver 1206 may include a group of one or more servers. According tovarious embodiments, all or a part of operations that the electronicdevice 1201 will perform may be executed by another or plural electronicdevices (e.g., the electronic devices 1202 and 1204 or the server 1206).According to an embodiment, in the case where the electronic device 1201executes any function or service automatically or in response to arequest, the electronic device 1201 may not perform the function or theservice internally, but, alternatively additionally, it may request atleast a part of a function associated with the electronic device 1201 atother device (e.g., the electronic device 1202 or 1204 or the server1206). The other electronic device (e.g., the electronic device 1202 or1204 or the server 1206) may execute the requested function oradditional function and may transmit the execution result to theelectronic device 1201. The electronic device 1201 may provide therequested function or service using the received result or mayadditionally process the received result to provide the requestedfunction or service. To this end, for example, cloud computing,distributed computing, or client-server computing may be used.

FIG. 13 is a block diagram of an electronic device according to anembodiment of the present disclosure.

The electronic device 1301 may include, for example, all or a part ofthe electronic device 100 illustrated in FIG. 5. The electronic device1301 may include one or more processors (e.g., an AP) 1310, acommunication module 1320, a subscriber identification module 1329, amemory 1330, a sensor module 1340, an input device 1350, a display 1360,an interface 1370, an audio module 1380, a camera module 1391, a powermanagement module 1395, a battery 1396, an indicator 1397, and a motor1398.

The processor 1310 may drive an OS or an application program to controla plurality of hardware or software elements connected to the processor1310 and may process and compute a variety of data. The processor 1310may be implemented with a SoC, for example. According to an embodiment,the processor 1310 may further include a GPU and/or an image signalprocessor (ISP). The processor 1310 may include at least a part (e.g., acellular module 1321) of elements illustrated in FIG. 13. The processor1310 may load and process an instruction or data, which is received fromat least one of other components (e.g., a nonvolatile memory), and maystore a variety of data at a nonvolatile memory.

The communication module 1320 may be configured the same as or similarto a communication interface 1270 of FIG. 12. The communication module1320 may include a cellular module 1321, a Wi-Fi module 1322, aBluetooth (BT) module 1323, a GNSS module 1324 (e.g., a GPS module, aGlonass module, a Beidou module, or a Galileo module), an NFC module1325, an MST module 1326, and a radio frequency (RF) module 1327.

The cellular module 1321 may provide voice communication, videocommunication, a character service, an Internet service, or the likethrough a communication network. According to an embodiment, thecellular module 1321 may perform discrimination and authentication ofthe electronic device 1301 within a communication network using asubscriber identification module 1329 (e.g., a SIM card), for example.According to an embodiment, the cellular module 1321 may perform atleast a portion of functions that the processor 1310 provides. Accordingto an embodiment, the cellular module 1321 may include a CP.

Each of the Wi-Fi module 1322, the BT module 1323, the GNSS module 1324,the NFC module 1325, or the MST module 1326 may include a processor forprocessing data exchanged through a corresponding module, for example.According to an embodiment, at least a part (e.g., two or morecomponents) of the cellular module 1321, the Wi-Fi module 1322, the BTmodule 1323, the GNSS module 1324, the NFC module 1325, or the MSTmodule 1326 may be included within one integrated circuit (IC) or an ICpackage.

The RF module 1327 may transmit and receive, for example, acommunication signal (e.g., an RF signal). For example, the RF module1327 may include a transceiver, a power amplifier module (PAM), afrequency filter, a low noise amplifier (LNA), an antenna, or the like.According to various embodiments, at least one of the cellular module1321, the Wi-Fi module 1322, the BT module 1323, the GNSS module 1324,or the NFC module 1325, or the MST module 1326 may transmit and receivean RF signal through a separate RF module.

The subscriber identification module 1329 may include, for example, asubscriber identification module and may include unique identifyinformation (e.g., integrated circuit card identifier (ICCID)) orsubscriber information (e.g., integrated mobile subscriber identity(IMSI)).

The memory 1330 may include, for example, an internal memory 1332 or anexternal memory 1334. For example, the internal memory 1332 may includeat least one of a volatile memory (e.g., a dynamic random access memory(DRAM), a static RAM (SRAM), or a synchronous DRAM (SDRAM)), anonvolatile memory (e.g., a one-time programmable read only memory(OTPROM), a programmable ROM (PROM), an erasable and programmable ROM(EPROM), an electrically erasable and programmable ROM (EEPROM), a maskROM, a flash ROM, a NAND flash memory, or a NOR flash memory), a harddrive, or a solid state drive (SSD).

The external memory 1334 may include a flash drive, for example, compactflash (CF), secure digital (SD), micro-SD, mini-SD, extreme digital(xD), multimedia card (MMC), a memory stick, or the like. The externalmemory 1334 may be functionally and/or physically connected with theelectronic device 1301 through various interfaces.

The security module 1336 (or security memory) (e.g., the memory 160) maybe a module that includes a storage space of which a security level ishigher than that of the memory 1330 and may be a circuit that guaranteesa safe data storage and a protected execution environment. The securitymodule 1336 may be implemented with a separate circuit and may include aseparate processor. For example, the security module 1336 may be in asmart chip or a secure digital (SD) card, which is removable, or mayinclude an eSE embedded in a fixed chip of the electronic device 1301.Furthermore, the security module 1336 may operate based on an OS that isdifferent from the OS of the electronic device 1301. For example, thesecurity module may operate based on java card open platform (JCOP) OS.

The sensor module 1340 may measure, for example, a physical quantity ormay detect an operation state of the electronic device 1301. The sensormodule 1340 may convert the measured or detected information to anelectric signal. The sensor module 1340 may include at least one of agesture sensor 1340A, a gyro sensor 1340B, a pressure sensor 1340C, amagnetic sensor 1340D, an acceleration sensor 1340E, a grip sensor1340F, a proximity sensor 1340G, a color sensor 1340H (e.g., red, green,blue (RGB) sensor), a biometric sensor 1340I, a temperature/humiditysensor 1340J, an illuminance sensor 1340K, or an UV sensor 1340M.Additionally or alternatively, the sensor module 1340 may furtherinclude, for example, an E-nose sensor, an electromyography sensor (EMG)sensor, an electroencephalogram (EEG) sensor, an electrocardiogram (ECG)sensor, a photoplethysmographic (PPG) sensor, an infrared (IR) sensor,an iris sensor, and/or a fingerprint sensor. The sensor module 1340 mayfurther include a control circuit for controlling at least one or moresensors included therein. According to an embodiment of the presentdisclosure, the electronic device 1301 may further include a processorwhich is a part of the processor 1310 or independent of the processor1310 and is configured to control the sensor module 1340. The processormay control the sensor module 1340 while the processor 1310 remains at asleep state.

The input device 1350 may include, for example, a touch panel 1352, a(digital) pen sensor 1354, a key 1356, or an ultrasonic input unit 1358.The touch panel 1352 may use at least one of capacitive, resistive,infrared and ultrasonic detecting methods. Also, the touch panel 1352may further include a control circuit. The touch panel 1352 may furtherinclude a tactile layer to provide a tactile reaction to a user.

The (digital) pen sensor 1354 may be, for example, a part of a touchpanel or may include an additional sheet for recognition. The key 1356may include, for example, a physical button, an optical key, a keypad,and the like. The ultrasonic input device 1358 may detect (or sense) anultrasonic signal, which is generated from an input device, through amicrophone (e.g., a microphone 1388) and may check data corresponding tothe detected ultrasonic signal.

The display 1360 may include a panel 1362, a hologram device 1364, or aprojector 1366. For example, the panel 1362 may be implemented to beflexible, transparent, or wearable. The panel 1362 and the touch panel1352 may be integrated into a single module. The hologram device 1364may display a stereoscopic image in a space using a light interferencephenomenon. The projector 1366 may project light onto a screen so as todisplay an image. The screen may be arranged inside or outside theelectronic device 1301. According to an embodiment, the display 1360 mayfurther include a control circuit for controlling the panel 1362, thehologram device 1364, or the projector 1366.

The interface 1370 may include, for example, an HDMI 1372, a USB 1374,an optical interface 1376, or a D-subminiature (D-sub) 1378. Theinterface 1370 may be included, for example, in the communicationinterface 1270 illustrated in FIG. 12. Additionally or alternatively,the interface 1370 may include, for example, a mobile high definitionlink (MHL) interface, a SD card/multi-media card (MMC) interface, or aninfrared data association (IrDA) standard interface.

The audio module 1380 may convert a sound and an electric signal in dualdirections. At least a part of elements of the audio module 1380 mayprocess, for example, sound information that is input or output througha speaker 1382, a receiver 1384, an earphone 1386, or a microphone 1388.

The camera module 1391 for shooting a still image or a video mayinclude, for example, at least one image sensor (e.g., a front sensor ora rear sensor), a lens, an ISP, or a flash (e.g., an LED or a xenonlamp)

The power management module 1395 may manage, for example, power of theelectronic device 1301. According to an embodiment of the presentdisclosure, the power management module 1395 may include a powermanagement integrated circuit (PMIC), a charger IC, or a battery or fuelgauge. The PMIC may have a wired charging method and/or a wirelesscharging method. The wireless charging method may include, for example,a magnetic resonance method, a magnetic induction method or anelectromagnetic method and may further include an additional circuit,for example, a coil loop, a resonant circuit, or a rectifier, and thelike. The battery gauge may measure, for example, a remaining capacityof the battery 1396 and a voltage, current or temperature thereof whilethe battery is charged. The battery 1396 may include, for example, arechargeable battery or a solar battery.

The indicator 1397 may display a specific state of the electronic device1301 or a part thereof (e.g., the processor 1310), such as a bootingstate, a message state, a charging state, and the like. The motor 1398may convert an electrical signal into a mechanical vibration and maygenerate the following effects vibration, haptic, and the like. Althoughnot illustrated, a processing device (e.g., a GPU) for supporting amobile TV may be included in the electronic device 1301. The processingdevice for supporting a mobile TV may process media data according tothe standards of DMB, digital video broadcasting (DVB), MediaFlo™, orthe like.

FIG. 14 is a block diagram of a program module according to anembodiment of the present disclosure.

According to an embodiment, a program module 1410 (e.g., the program1240 in FIG. 12) may include an OS to control resources associated withan electronic device (e.g., the electronic device 1201 in FIG. 12),and/or diverse applications (e.g., the application program 1247 in FIG.12) driven on the OS. The OS may be, for example, android, iOS, windows,symbian, tizen, or bada.

The program module 1410 may include a kernel 1420, a middleware 1430, anAPI 1460, and/or an application 1470. At least a part of the programmodule 1410 may be preloaded on an electronic device or may bedownloadable from an external electronic device (e.g., the electronicdevice 1202 or 1204, the server 1206, and the like).

The kernel 1420 (e.g., the kernel 1241) may include, for example, asystem resource manager 1421, or a device driver 1423. The systemresource manager 1421 may perform control, allocation, or retrieval ofsystem resources. According to an embodiment, the system resourcemanager 1421 may include a process managing unit, a memory managingunit, or a file system managing unit. The device driver 1423 mayinclude, for example, a display driver, a camera driver, a Bluetoothdriver, a common memory driver, an USB driver, a keypad driver, a Wi-Fidriver, an audio driver, or an inter-process communication (IPC) driver.

The middleware 1430 may provide, for example, a function which theapplication 1470 needs in common, or may provide diverse functions tothe application 1470 through the API 1460 to allow the application 1470to efficiently use limited system resources of the electronic device.According to an embodiment, the middleware 1430 (e.g., the middleware1243) may include at least one of a runtime library 1435, an applicationmanager 1441, a window manager 1442, a multimedia manager 1443, aresource manager 1444, a power manager 1445, a database manager 1446, apackage manager 1447, a connectivity manager 1448, a notificationmanager 1449, a location manager 1450, a graphic manager 1451, or asecurity manager 1452.

The runtime library 1435 may include, for example, a library modulewhich is used by a compiler to add a new function through a programminglanguage while the application 1470 is being executed. The runtimelibrary 1435 may perform I/O management, memory management, orcapacities about arithmetic functions.

The application manager 1441 may manage, for example, a life cycle of atleast one application of the application 1470. The window manager 1442may manage a GUI resource which is used in a screen. The multimediamanager 1443 may identify a format necessary for playing diverse mediafiles, and may perform encoding or decoding of media files by using acodec suitable for the format. The resource manager 1444 may manageresources such as a storage space, memory, or source code of at leastone application of the application 1470.

The power manager 1445 may operate, for example, with a basicinput/output system (BIOS) to manage a battery or power, and may providepower information for an operation of an electronic device. The databasemanager 1446 may generate, search for, or modify database which is to beused in at least one application of the application 1470. The packagemanager 1447 may install or update an application that is distributed inthe form of package file.

The connectivity manager 1448 may manage, for example, wirelessconnection such as Wi-Fi or Bluetooth. The notification manager 1449 maydisplay or notify an event such as arrival message, appointment, orproximity notification in a mode that does not disturb a user. Thelocation manager 1450 may manage location information of an electronicdevice. The graphic manager 1451 may manage a graphic effect that isprovided to a user, or manage a user interface relevant thereto. Thesecurity manager 1452 may provide a general security function necessaryfor system security or user authentication. According to an embodiment,in the case where an electronic device (e.g., the electronic device1201) includes a telephony function, the middleware 1430 may furtherinclude a telephony manager for managing a voice or video call functionof the electronic device.

The middleware 1430 may include a middleware module that combinesdiverse functions of the above-described components. The middleware 1430may provide a module specialized to each OS kind to providedifferentiated functions. Additionally, the middleware 1430 may remove apart of the preexisting components, dynamically, or may add a newcomponent thereto.

The API 1460 (e.g., an API 1245) may be, for example, a set ofprogramming functions and may be provided with a configuration which isvariable depending on an OS. For example, in the case where an OS is theandroid or the iOS, it may be permissible to provide one API set perplatform. In the case where an OS is the tizen, it may be permissible toprovide two or more API sets per platform.

The application 1470 (e.g., the application program 1247) may include,for example, one or more applications capable of providing functions fora home 1471, a dialer 1472, an SMS/multimedia message service (MMS)1473, an instant message (IM) 1474, a browser 1475, a camera 1476, analarm 1477, a contact 1478, a voice dial 1479, an e-mail 1480, acalendar 1481, a media player 1482, an album 1483, a timepiece 1484, andpayment 1486 or for offering health care (e.g., measuring an exercisequantity or blood sugar) or environment information (e.g., atmosphericpressure, humidity, or temperature).

According to an embodiment of the present disclosure, the application1470 may include an application (hereinafter referred to as “informationexchanging application” for descriptive convenience) to supportinformation exchange between the electronic device (e.g., the electronicdevice 1201) and an external electronic device (e.g., the electronicdevice 1202 or 1204). The information exchanging application mayinclude, for example, a notification relay application for transmittingspecific information to the external electronic device, or a devicemanagement application for managing the external electronic device.

For example, the information exchanging application may include afunction of transmitting notification information, which arise fromother applications (e.g., applications for SMS/MMS, e-mail, health care,or environmental information), to an external electronic device (e.g.,the electronic device 1202 or 1204). Additionally, the informationexchanging application may receive, for example, notificationinformation from an external electronic device and provide thenotification information to a user.

The device management application may manage (e.g., install, delete, orupdate), for example, at least one function (e.g., turn-on/turn-off ofan external electronic device itself (or a part of components) oradjustment of brightness (or resolution) of a display) of the externalelectronic device (e.g., the electronic device 1202 or 1204) whichcommunicates with the electronic device, an application running in theexternal electronic device, or a service (e.g., a call service, amessage service, or the like) provided from the external electronicdevice.

According to an embodiment, the application 1470 may include anapplication (e.g., a health care application) which is assigned inaccordance with an attribute (e.g., an attribute of a mobile medicaldevice as a kind of electronic device) of an external electronic device(e.g., the electronic device 1202 or 1204). According to an embodimentof the present disclosure, the application 1470 may include anapplication which is received from an external electronic device (e.g.,the server 1206 or the electronic device 1202 or 1204). According to anembodiment, the application 1470 may include a preloaded application ora third party application which is downloadable from a server. Thecomponent titles of the program module 1410 according to the embodimentof the present disclosure may be modifiable depending on kinds of OSs.

According to various embodiments of the present disclosure, at least apart of the program module 1410 may be implemented by software,firmware, hardware, or a combination of two or more thereof. At least aportion of the program module 1410 may be implemented (e.g., executed),for example, by a processor (e.g., the control module 170). At least apart of the program module 1410 may include, for example, modules,programs, routines, sets of instructions, or processes, or the like forperforming one or more functions. Each of the above-mentioned elementsof the electronic device according to various embodiments of the presentdisclosure may be configured with one or more components, and the namesof the elements may be changed according to the type of the electronicdevice. According to various embodiments, the electronic device mayinclude at least one of the above-mentioned elements, and some elementsmay be omitted or other additional elements may be added. Furthermore,some of the elements of the electronic device according to variousembodiments of the present disclosure may be combined with each other soas to form one entity, so that the functions of the elements may beperformed in the same manner as before the combination.

The term “module” used herein may represent, for example, a unitincluding one or more combinations of hardware, software and firmware.The term “module” may be interchangeably used with the terms “unit”,“logic”, “logical block”, “component” and “circuit”. The “module” may bea minimum unit of an integrated component or may be a part thereof. The“module” may be a minimum unit for performing one or more functions or apart thereof. The “module” may be implemented mechanically orelectronically. For example, the “module” may include at least one of anapplication-specific IC (ASIC) chip, a field-programmable gate array(FPGA), and a programmable-logic device for performing some operations,which are known or will be developed.

At least a part of an apparatus (e.g., modules or functions thereof) ora method (e.g., operations) according to various embodiments of thepresent disclosure may be, for example, implemented by instructionsstored in a computer-readable storage media in the form of a programmodule. If the instructions are executed by a processor (e.g., thecontrol module 170), the one or more processors may perform functionscorresponding to the instructions.

The computer-readable storage media may include a hard disk, a floppydisk, a magnetic media (e.g., a magnetic tape), an optical media (e.g.,a compact disc ROM (CD-ROM) and a digital versatile disc (DVD)), amagneto-optical media (e.g., a floptical disk), and hardware devices(e.g., a ROM, a RAM, or a flash memory). Also, a program instruction mayinclude not only a mechanical code such as things generated by acompiler but also a high-level language code executable on a computerusing an interpreter. The above-mentioned hardware device may beconfigured to operate as one or more software modules to performoperations according to various embodiments of the present disclosure,and vice versa.

Modules or program modules according to various embodiments of thepresent disclosure may include at least one or more of theabove-mentioned components, some of the above-mentioned components maybe omitted, or other additional components may be further includedtherein. Operations executed by modules, program modules, or otherelements may be executed by a successive method, a parallel method, arepeated method, or a heuristic method. Also, a part of operations maybe executed in different sequences, omitted, or other operations may beadded.

According to various embodiments of the present disclosure, anelectronic device may provide a variety of additional services suitablefor a user by variably generating track data based on the request of auser or the use purpose of a service.

While the present disclosure has been shown and described with referenceto various embodiments thereof, it will be understood by those skilledin the art that various changes in form and details may be made thereinwithout departing from the spirit and scope of the present disclosure asdefined by the appended claims and their equivalents.

What is claimed is:
 1. An electronic device comprising: a displayconfigured to receive a user command; a transceiver configured tocommunicate with an external device; and a processor configured to:request a token associated with a financial service from a paymentserver when a user requests the financial service, and generate data forproviding the financial service by using the token and serviceinformation when the token and the service information associated withthe financial service is received from the payment server.
 2. Theelectronic device of claim 1, further comprising: a memory, wherein theprocessor is further configured to store the token in the memory.
 3. Theelectronic device of claim 2, wherein the processor is furtherconfigured to: request the service information from the payment serverwhen the user requests the financial service, and generate the data forproviding the financial service by using the token stored in the memoryand the service information when the service information is receivedfrom the payment server.
 4. The electronic device of claim 1, furthercomprising: a magnetic secure transmission (MST) emitter, wherein theprocessor is further configured to send the data for providing thefinancial service to a payment device or a deposit and withdrawal devicethrough the MST emitter.
 5. The electronic device of claim 1, whereinthe data for the financial service is track data, and wherein theprocessor is further configured to: generate first track data when theuser requests a payment service, and generate second track data when theuser requests a deposit and withdrawal service.
 6. The electronic deviceof claim 1, wherein the data for the financial service is track data,and wherein the processor is configured to generate first track datawhen data is received from a payment device and to generate second trackdata when data is received from a deposit and withdrawal device.
 7. Theelectronic device of claim 5, wherein the service information isexpressed by two decimal digits, and wherein the service information isinserted in 25^(th) and 26^(th) positions of the first track data. 8.The electronic device of claim 5, wherein the service informationinserted in the first track data is a code for performing at least oneof providing an advertisement, issuing a coupon, collecting a point, anddiscounting a charge.
 9. The electronic device of claim 5, wherein theservice information is expressed by two decimal digits, and wherein theservice information is inserted in 90^(th) and 91^(st) positions of thesecond track data.
 10. The electronic device of claim 5, wherein theservice information inserted in the second track data is a code forperforming at least one of not outputting a receipt, discounting a fee,reducing and exempting a fee, or providing a text service.
 11. A methodof an electronic device for making a payment, the method comprising:receiving a financial service request from a user; requesting a tokenassociated with the financial service from a payment server; receivingthe token and service information associated with the financial servicefrom the payment server; and generating data for providing the financialservice by using the token and the service information.
 12. The methodof claim 11, further comprising: storing the token in a memory;receiving the financial service request from the user; requesting theservice information from the payment server; receiving the serviceinformation from the payment server; and generating the data forproviding the financial service by using the token stored in the memoryand the service information.
 13. The method of claim 11, furthercomprising: sending the data for providing the financial service to apayment device or a deposit and withdrawal device through a magneticsecure transmission (MST) emitter.
 14. The method of claim 11, whereinthe data for providing the financial service is track data, and whereinthe generating of the data comprises: generating first track data whenthe user requests a payment service; and generating second track datawhen the user requests a deposit and withdrawal service.
 15. The methodof claim 11, wherein the data for the financial service is track data,and wherein the generating of the data comprises: generating first trackdata when data from a payment device is received; and generating secondtrack data when data from a deposit and withdrawal device is received.16. The method of claim 11, further comprising: authenticating the userbefore the requesting of the token associated with the financial servicefrom the payment server, wherein the authenticating comprises: receivinga biometric information of the user; performing biometric authenticationby comparing the biometric information of the user with a registeredbiometric information; sending authentication information to anauthentication server based on the biometric authentication; andreceiving an authentication result from the authentication server.
 17. Aserver comprising: a transceiver configured to communicate with anexternal device; a memory configured to store available serviceinformation for each user; and a processor configured to: request atoken from a finance server when an electronic device requests the tokenassociated with a financial service, check the service informationavailable to a user of the electronic device when the token is receivedfrom the finance server, and generate data for providing the financialservice by using the token and the available service information. 18.The server of claim 17, wherein the data for providing the financialservice is track data, and wherein the processor is further configuredto: generate first track data when the electronic device requests atoken for a payment service, and generate second track data when theelectronic device requests a token for a deposit and withdrawal service.19. The server of claim 18, wherein the processor is further configuredto check the service information available to the user of the electronicdevice when the electronic device requests the service information andto send the available service information to the electronic device. 20.The server of claim 18, wherein the processor is further configured to:check an authority to use the service information when a use request ofthe service information is received from the electronic device, and senduse approval information about the service code to the electronic devicewhen it is determined that the user has the authority.